Hey Cot, could you post for me what you would like to see improved with the BP? Features, added, etc?
For me:
- Browser by default that lets you type in a URL
- Feature request to allow you in network settings to select "4g / LTE" only, or "3G / 4G" only to help with downgrade attacks.
- Feature request to allow you to select "no roaming to another carrier besides the one you select" to prevent you from roaming to another provider.
BlackPhone, BP1, PrivatOS, Do you own one? Do you use it? How do you use it?
-
Still no BlackPhone 2 available for purchase. One item I found again with searching:
URL1 = http://support.whispersystems.org/cu...314-blackphone
Question asked about "Red Phone" being made available in Amazon App store answered as:
The unofficial demo at their DEF CON vendor booth showed "Google Play" app installed in one of the spaces. (Assuming they continue with the past work, the primary "Silent Space" would want to run with only a pure "Silent Store" and collection of apps from Silent* while other spaces (like Amazon Apps Store) can load other stores and more risky apps. If this is the case, and Google Play can run there (and as shown in their online images for BlackPhones 2)
Originally posted by URL1
Masha Kolenkina Aug 20, 2014 05:29AM UTC Open WhisperSystems Agent
Not at this time. RedPhone and TextSecure both currently use Google’s GCM framework for push notifications and signalling.
RedPhone and TextSecure will work on the Blackphone, but only if Google Play is installed.
URL2 = https://www.silentcircle.com/blog/pr...e-first-world/
Discussion about "SilentOS 2.0"
Originally posted by URL2
Blackphone 2 (which features the latest Silent OS, 2.0) will be our first device to feature Google Play and the Google apps and services
One device, with regular security updates, and support for the Silent* suite of apps, plus other stuff like RedPhone, textSecure / Signal, and other tools may make it useful, allowing people that use either of these to communicate with me.
Still have to wait until December for a competitor called "Turing Phone" to see what they are going to deliver.
-
They had an unofficial demo of the new BP2 at DEF CON at their booth. One of their people had one. It is slightly larger than the BP1, has a sealed battery, and I don't recall if there was support for any MicroSD or not -- I have a vague memory that there is no MicroSD, but don't rely on that as anything close to certain. The new BP2 is not running "PrivatOS" but instead "SilentOS" (Part of this is from the buying out of the rest of the business from the other half of the company by Silent*, so a need to rebrand, but there appears to be more to it...)
Cot, they were taking pre-orders for the BP2 at DEF CON, $700 I believe? It looks like a traditional black sleek rectangle. A friend who has a BP-1 said he was passing on the 2 because for the extra money there really wasn't enough more memory to meet expectation of "modern" smart phones in that price range.
I like their frequent update schedule! Now if there was any new software in their app store that would be great. Tor? Authenticator? Wonder why it is so hard to get useful security apps listed.
Google is rolling out an "Enterprise Security" suite for Android which allows for central management of phones, and makes it easier to have "BlackBerry" like phones with central management to dictate policies on corporate/agency phones, and support remote wipe and update by the company/agency. They claim more features for security and privacy as being available to vendors that adopt the new android features.
I like the CyanogenMod-like application security limits, allowing the OS to have a default collection of security restriction for all apps in a space, and more granular settings per app.
A problem I've seen with the spaces, though? There appears to be some bleed-through on networking. Setting up an OpenVPN in one space in "non-captive" mode seems to include other spaces, but running in captive-mode seemed to limit network settings for that space to just that space. (I need to re-test that since getting all these updates.)
At around the same time, Turing Phone and BlackPhone 2 had news articles claiming to be taking advantage of these new features from Google in Android for enterprise.
Next, the new BlackPhone is supposed to support running "Google Apps Store" in a new BP2 "Space" -- With BP1, the only spaces officially supported are an opensource "store" and amazon "store" and one more which I don't remember. However, the amazon store still feels like shopping in the ass-end of the Internet. The amazon store has a large number of apps that demand even more privacy sacrifices than similar apps in the google app store.
Just how well the Google App store will be supported is another question. Will "Google Push Notification" (and services/apps needed to make that work) be supported? Will I be able to limit them to which kinds of data I want transmitted, or will including these create a secret channel to leak data about me?
It would be nice to have a security-centric phone that supports both the Silent suite of tools and things like RedPhone/TextSecure (soon to be Signal) to offer options with encrypted communication. Not being able to support things like RedPhone/TextSecure has made my original BP1 a good concept, and fun to play with, but not comprehensive enough to replace my primary phone.
The other question? Will BP1 be able to "upgrade" to SilentOS and get access to the same new features in BP2 with support for Google App store?
I also asked about the "New Tablet" there were new stories about Silent* planning to release later this year, but they have no concrete information on that.
I'm planning to get a BP2, and I am considering getting a Turing Phone, too, to compare, but it is a lot of money to spend just to try out a Turing Phone too. (This is why I am looking forward to reading reviews on the new Turing Phone. Will they be as aggressive with OS/Firmware updates as the BP1 has had?)
Last edited by TheCotMan; September 5, 2015, 07:15.
-
Cot, they were taking pre-orders for the BP2 at DEF CON, $700 I believe? It looks like a traditional black sleek rectangle. A friend who has a BP-1 said he was passing on the 2 because for the extra money there really wasn't enough more memory to meet expectation of "modern" smart phones in that price range.
I like their frequent update schedule! Now if there was any new software in their app store that would be great. Tor? Authenticator? Wonder why it is so hard to get useful security apps listed.
-
So now they have released PrivatOS 1.1.11:
URL1 = https://support.blackphone.ch/custom...-release-notes
CVE-2015-1534 on all of the online DB for CVE I've checked so far have it specified as "reserved" without public details. However, code review of CyanogenMod shows where code was changed and what was fixed: http://review.cyanogenmod.org/#/q/topic:CVE-2015-1534 and the summary from blackphone.ch release notes on 1.1.11.
Originally posted by URL1
PrivatOS 1.1.11 release notes
Last Updated: Sep 03, 2015 05:36PM UTC
Security Fixes:
- Fixes CVE-2014-7912 and CVE-2014-7913, remote code execution vulnerabilities related to the parsing of DHCP options in Android
- Fixes CVE-2015-1534 (no URL yet), a binder vulnerability that could potentially lead to a kernel driver DoS or kernel memory leak exploit
- Updates the Freetype library to replace outdated version
Again, with this update for my BlackPhone, none of my other Android devices have any updates to the OS. There was a time that going with a "Pure Google Phone" (like HTC Android Dev1, or later "Nexus" phones) would mean 2-3 years of OS security fixes. Now it seems like the time for security updates is less than 1 year, and updates can take 2 months to arrive after they are found (by non-malicious hackers/developers) and/or disclosed. Hard to accurately estimate what has been found by malicious hackers/developers, but not disclosed, only saved or used for attacks.
Last info on "BlackPhone2" was "to be release mid September."
Turing Phone (not related to PrivatePhone or SilentOS or PrivatOS) is still in the news. Claims of "No USB port", Ship date of December 18, price tags of $1299, $999, $870, $740, $610 for different models, many of which seem to have prices associated with internal storage space, like Apple has done with the iPhone -- charging well more than what you might pay for an MicroSD to upgrade it yourself, but also claims there will be no microSD slot: http://www.androidpolice.com/2015/08...-turing-phone/
It appears as though Turing Phone, like BlackPhone2, might be taking advantage of the Google-provided features in Android for Enterprise support of security. It also looks like BlackPhone/BlackPhone2 will be in the market "first." Being first has many advantages, but provides no guarantee for retention of market share.
If anyone receives a Turing Phone, and has a BlackPhone or BlackPhone 2, please compare/contrast and post your thoughts somewhere online.
Thanks!
Last edited by TheCotMan; September 4, 2015, 13:02.
-
I feel a similar way about the apps that claim to do this, and I am not 100% convinced that the apps that do this, don't just look for where cached copies of the installed app's APK are left behind on the FS, and then just copy them to your SD.
There are also plugins for Chrome and Firefox that claim to download APKs for you from the play.google.com store, but let you know this is a violation of their ToS, and I *think* these plugins also require you to log in, or be logged in with Google before the download will work, which exposes creds or an auth token to the plugin to do other things with.
The web plugins, websites and Android apps that do this APK export all occupy a gray space, where people often employ their use to do something illegal, break contracts, bypass border restrictions on import, etc., and because of this, are great candidates as vectors for malware. They enjoy the same kinds of protections that con artists gain with common cons that usually make a mark into a co-conspirator in the commission of a crime, or actions they would not want made public, so if things do go bad, they are unlikely to contact law enforcement and complain, as they would have to admit their involvement in the action, too.
Have you searched the dirs on your phone with a file browser to see if your phone has copies of all its play.google.com installed apps? If so, that would be the most trust-worthy method to get copies of the APK your phone already has.
What I would like, and I bet you would like, would be an understanding of how to directly request APKs from play.google.com, and have Google serve these APKs to us. The few descriptions I have read that provided URL constructions to do this do not work for me.
If you or anyone else finds a description of a method that can reliably allow direct download from play.google.com (and not a proxy that demands your trust of the proxy, and downloads a copy from play.google.com and then serves it to you from the proxy), please let us know.
I'm guessing the best method might be to examine a web-client plugin, to see how it crafts a URL to download an APK, and then duplicate it in a shell or script. Another option? Build a custom CA and sign wildcard keys for "*.google.com" and load that wildcard key into something like Wireshark or a proxy that does intermediate plain-text, and then dump a plain-text packet capture file, and analyze it for how their protocol works.
The last problem with this, though, is getting notifications for updates to Side-Loaded apps via APK -- how do we know an app needs a critical security update, and what happens if we are away from a desktop/laptop that might be used in the process. :-/
I do not know of any export method that extracts configurations/settings for an app and builds an APK to include all of those settings/license(s)/configs. This would be important for any apps that required some sort of in-app license key to activate.
Anyone have a current description of how to craft a URL and request for APK direct from play.google.com?
Last edited by TheCotMan; August 27, 2015, 19:12.
-
Let's say I want to get an apk from the google store, is there a way to get it off my daily use phone and manually move it to my test phone?
I'm like you and don't trust the "we'll download it for you!" sites
-
For BP1 1.1.x, if you can download an "apk" from the browser in the phone, even in another space, it appears to recognize the downloaded apk can be installed as an app.
If the apk is an upgrade, it reports changes in deps/requirements (if any) on install/upgrade. (Some of this likely requires support in the web server serving apk to properly mark the required MIME type.)
So, you really appear to only need the apk-based file in order to get an app installed.
(In PrivatOS 1.1.10 and earlier, just because you can install an app does not mean it will work. For example, if an app requires Google Push Notification support? It likely won't work unless you install quite a few of the Google apps, assuming they install and work.)
For some apps, you can download them direct from the developer's site. An example:
http://plai.de/android/
As linked from:
https://github.com/schwabe/ics-openvpn
which is linked from:
https://play.google.com/store/apps/d...blinkt.openvpn
Side loading has worked on those apk I've downloaded from developer's site, bypassing need to register with amazon store, or other stores, but losing notices of new updates with features to auto-upgrade.
There are websites that will download APKs for you from play.google.com, acting as a proxy, but I don't trust them, and don't know how I would decide which sites were trustworthy, and which are not. In my view, they have to make money somehow; if you're not the customer, maybe you are the product?
There are claims of plugins for Firefox and Chrome to download APKs from play.google.com for you, so you can save them on your desktop and then side-load them.
Also, there have been recurring claims that from an ordinary URL with modifications, it is possible to download APKs direct from http://play.google.com/ , but the ones I found did not work -- it was as if Google engineers fixed those.
Last, there are apps that claim to be able to build an APK by intercepting the install process and then manufacturing an apk, but that required another device to run these on and then install from "stores."
They claim BP2 will support Google Play in at least one of their "spaces" and I saw a demo they had at DC23 Vendor for SilentCircle, but did not ask about push notification or other Google services and that space with Google Play store. (Would be nice to have one phone easily support the silent* suite of tools and in another space support RedPhone and TextSecure or "Signal".)
I'm not getting my hopes up. I'm expecting minimal "play.google.com" support so I can be surprised if/when they do support RedPhone in addition to their default SilentPhone.
Back to topic:
Since having "apk" files is enough, how do other people get their APK files for sideloading to phones?
HTH,
-Cot
Last edited by TheCotMan; August 27, 2015, 02:01.
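The two posts above (the sideloading post here and the later one on grabbing APKs from play.google.com) both come down to one question: once you have an APK from somewhere you do not fully trust, how do you tell it is the developer's build and not a repackaged one? The check a sideloader wants is to pull the v1 (JAR-style) signer certificate out of META-INF/*.RSA and compare its SHA-256 fingerprint with the one from a copy you already trust, such as the APK already installed on your own phone. The following is an added example written for this page; it is not code from the thread, from Blackphone/Silent Circle or from Google. It assumes the APK carries only a v1 signature block (the scheme in use at the time of the thread) and it uses a constructed placeholder "certificate" as sample input, since no real signing certificate appears on the page.

```python
"""Pin-check the v1 (JAR) signing certificate of an APK before sideloading.

Added example, not from the thread or from Blackphone. Assumes a v1-signed APK
(META-INF/*.RSA|.DSA|.EC holding a PKCS#7 SignedData) and a known-good SHA-256
certificate fingerprint taken from a copy you already trust.
"""
import hashlib
import hmac
import io
import zipfile


def _tlv(buf, pos):
    """Decode the DER tag/length at buf[pos]; return (tag, value_start, value_end)."""
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: next n bytes hold the length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, pos, pos + length


def _children(buf, start, end):
    """Yield (tag, value_start, value_end, tlv_start) for each TLV in buf[start:end]."""
    pos = start
    while pos < end:
        tag, vstart, vend = _tlv(buf, pos)
        yield tag, vstart, vend, pos
        pos = vend


def signer_certificate_der(pkcs7):
    """Return the DER bytes of the first certificate carried in a PKCS#7 SignedData."""
    # ContentInfo ::= SEQUENCE { contentType OBJECT IDENTIFIER, content [0] EXPLICIT ANY }
    tag, vstart, vend = _tlv(pkcs7, 0)
    if tag != 0x30:
        raise ValueError("signature block is not a DER SEQUENCE")
    parts = list(_children(pkcs7, vstart, vend))
    if len(parts) < 2 or parts[1][0] != 0xA0:
        raise ValueError("ContentInfo has no [0] content")
    sd_tag, sd_start, sd_end = _tlv(pkcs7, parts[1][1])
    if sd_tag != 0x30:
        raise ValueError("SignedData is not a SEQUENCE")
    # SignedData ::= SEQUENCE { version, digestAlgorithms, encapContentInfo,
    #                           certificates [0] IMPLICIT SET OF Certificate OPTIONAL, ... }
    for tag, cstart, cend, _ in _children(pkcs7, sd_start, sd_end):
        if tag == 0xA0:                    # the certificates set
            first_tag, _, first_end = _tlv(pkcs7, cstart)
            if first_tag != 0x30:
                raise ValueError("certificate is not a SEQUENCE")
            return pkcs7[cstart:first_end]  # whole TLV, header included
    raise ValueError("SignedData carries no certificates")


def apk_signer_fingerprint(apk_bytes):
    """SHA-256 over the signer certificate DER (what `keytool -printcert` reports)."""
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as zf:
        blocks = [n for n in zf.namelist()
                  if n.startswith("META-INF/") and n.upper().endswith((".RSA", ".DSA", ".EC"))]
        if len(blocks) != 1:
            raise ValueError("expected exactly one v1 signature block, found %d" % len(blocks))
        cert = signer_certificate_der(zf.read(blocks[0]))
    return hashlib.sha256(cert).hexdigest()


def check_apk(apk_bytes, pinned_sha256_hex):
    """True only if the APK's signer certificate matches the pinned fingerprint."""
    actual = apk_signer_fingerprint(apk_bytes)
    return hmac.compare_digest(actual, pinned_sha256_hex.replace(":", "").lower())


# --- constructed sample input: a placeholder certificate, not a real X.509 cert ---
def _der(tag, body):
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + body


SAMPLE_CERT = _der(0x30, _der(0x04, b"\x00" * 200))    # >127 bytes, exercises long-form lengths
SAMPLE_FINGERPRINT = hashlib.sha256(SAMPLE_CERT).hexdigest()
OID_SIGNED_DATA = bytes.fromhex("2a864886f70d010702")  # 1.2.840.113549.1.7.2
OID_DATA = bytes.fromhex("2a864886f70d010701")         # 1.2.840.113549.1.7.1


def build_sample_apk(cert=SAMPLE_CERT):
    """Minimal zip shaped like a v1-signed APK, carrying `cert` in META-INF/CERT.RSA."""
    signed_data = _der(0x30, _der(0x02, b"\x01") + _der(0x31, b"")
                       + _der(0x30, _der(0x06, OID_DATA)) + _der(0xA0, cert) + _der(0x31, b""))
    pkcs7 = _der(0x30, _der(0x06, OID_SIGNED_DATA) + _der(0xA0, signed_data))
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("AndroidManifest.xml", b"<manifest/>")
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
        zf.writestr("META-INF/CERT.SF", "Signature-Version: 1.0\n")
        zf.writestr("META-INF/CERT.RSA", pkcs7)
    return buf.getvalue()


if __name__ == "__main__":
    apk = build_sample_apk()
    print("signer fingerprint:", apk_signer_fingerprint(apk))
    print("matches pin:", check_apk(apk, SAMPLE_FINGERPRINT))
```

Two caveats. First, this only pins *who* signed the APK; it does not verify the signature over the zip entries, so run `jarsigner -verify -verbose -certs app.apk` as well before installing. Second, the reference fingerprint has to come from a source you already trust; the thread's own suggestion of the copy sitting on your phone is the right one (`adb shell pm path <package>` gives the path, `adb pull` fetches it), and the fingerprint of that copy is what you pin.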
-
I've recently updated my BP-1 to 1.1.10 and am playing around with it again.
One problem I'd love to find a way around is how to download .apk packages and install them to BP-1? I don't want to have to create yet another account to join the app store to install a single app.
-
So, on Aug 17, they released PrivatOS 1.1.10:
URL1 = https://support.blackphone.ch/custom...-release-notes
Free, public mention for both these CVE, since the update, have not shown many details, but the descriptions above from BlackPhone provide some idea on the intended fix.
Originally posted by URL1
PrivatOS 1.1.10 release notes
Last Updated: Aug 17, 2015 04:27PM UTC
Overview:
This is a minor system update focused on patching specific and critical security issues.
Changes in this Version:
Security Fixes:
Fixes CVE-2015-3837, a serialization bug which could allow remote code execution
Fixes CVE-2015-3864, a vulnerability in the Android Stagefright media library
Additional minor bug fixes are also included
-
So, while I was at DEF CON, they released PrivatOS 1.1.9:
URL1 = https://support.blackphone.ch/custom...-release-notes
Silent Circle had a booth, and one of the people there had a BlackPhone 2. I asked a few questions about "SilentOS" as the new name vs "PrivatOS" as the old name of the OS, and was told of the differences in highlighting the purpose and target for each, and the new SilentOS should support Google App Store.
Originally posted by URL1
Security Fixes: Addresses an additional issue in the stagefright library which could cause a device-level Denial of Service. This flaw was discovered by Trend Micro. Also includes fixes for additional stagefright-related issues; special thanks to Joshua Drake for reporting these vulnerabilities. Additional minor bug fixes are also included.
None were physically available for sale, but they were accepting pre-orders. I'd like to hear how things worked out for them.
Additionally, they have updated what 1.1.7 was all about:
URL2 = https://support.blackphone.ch/custom...otes?b_id=4314
Originally posted by URL2
Contains fixes to address vulnerabilities in the libstagefright library. Special thanks to Joshua Drake for reporting these vulnerabilities.
-
URL1=http://www.techtimes.com/articles/73...ch-display.htm
In this news article is a claim, which is new to me, about the new plans for BlackPhone2. (Realize, the past suggestions on direction, release date, and features for both have not been reliable, and journalists can get things wrong, but this was interesting to me.)
This could be double-edged. The present BlackPhone SilentStore does not support Google Play. Support for other "stores" in the "Spaces" allows for Amazon and others, but lack of Google Play support built into BlackPhone1's PrivateOS and no support for other Google services means some other tools don't work in BP1. (RedPhone, some games, TextSecure, etc.)
Originally posted by URL1
The BlackPhone 2 will support both Google Mobile Services and Google Play within its Silent OS. Along with support for Android for Work, businesses are given control over balancing connectivity and data management with productivity tools that can be used through the enterprise.
It seems unlikely to me that Google would support "Android for Work" on BlackPhone2 unless Google could get some data-mining information out of the device. So, now I am guessing that we will see a collision between features and use on the new BP2. Google apps may demand broad access, and refuse to work without it. This would give the illusion of control, when in reality it would still be an "all-or-nothing" proposal -- accept Google apps with full access or don't use Google apps.
Seeing the development of new app in the SilentStore at a growth-rate of nearly zero since it opened suggests consumers don't find it too popular, and developers don't see enough consumers to dev for "yet another platform."
Maybe this change in direction they started many months ago towards business use and google play store support will give a more popular product consumers might want even more.
All of this with new competition in the same space: Turing Phone
"Futuristic-looking liquid metal Turing Phone promises total hacker protection"
http://www.cnet.com/products/turing-phone/
"The Turing Phone is the craziest Android device you'll see this year"
http://www.theverge.com/2015/7/18/89...nds-on-preview
"The Turing Phone Is Built to Be Unhackable and Unbreakable"
http://www.wired.com/2015/07/turing-robotics-phone/
The Turing phone marketing or at least the phrases in these articles is alarming. Calling something "Hacker Proof" is like calling ciphers "Military Grade" or "Proprietary and Secret" -- these are often warning signs.
-
There is/was an update to PrivateOS 1.1.8 now, but the update for 1.1.7 is still missing details:
URL1=https://support.blackphone.ch/custom...otes?b_id=4314
It was last updated Jul 03, 2015 03:35PM UTC.
Originally posted by URL1
This is a minor system upgrade to address specific security issues, but we can't release details until the issues are publicly announced.
I've asked for any new ETA on info since we have passed the previous mid-July estimate.
[Edit: They replied on twitter fairly quickly: Adding:]
URL3=https://twitter.com/SilentCircle/sta...90993703145473
URL4=https://twitter.com/SilentCircle/sta...91275719778304
Originally posted by URL3
@SilentCircle no problem at all! Stay tuned, with the vulnerabilities now publicly announced, our team is working quickly to update
[/edit]
Originally posted by URL4
@SilentCircle We'll be sure to directly reach out the moment our updated release notes go up!
URL2=https://support.blackphone.ch/custom...otes?b_id=4314
All about OpenSSL:
Originally posted by URL2
Fixes CVE-2015-1788, CVE-2015-1789, and CVE-2015-1791, vulnerabilities in OpenSSL
* CVE-2015-1788 https://web.nvd.nist.gov/view/vuln/d...=CVE-2015-1788
* CVE-2015-1789 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1789
* CVE-2015-1791 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1791
Last, don't forget to visit "Silent Store" after each upgrade and check all your apps for updates after installing new PrivateOS updates.
Last edited by TheCotMan; July 27, 2015, 07:48.
-
I purchased my blackphone in response to a stalking problem I was having. The stalker had hacked 3 iPhones and a couple of Androids and I was fed up. I've had the phone for about a year and I use it for everyday calling, texting etc. I feel 100% private and have had no more phone problems since I switched.
-
A reply to the question on twitter about lack of details:
URL1=https://twitter.com/SilentCircle/status/616687656181858305
URL2=https://twitter.com/VicHyder/status/616711743755022336
Originally posted by URL1
Silent Circle @SilentCircle @TCMBC Hi! We're not releasing specifics on this update just yet. Our 1.1.7 release notes will be updated at a later date
It is better to have security issues for users fixed early, but this embargo is problematic.
Originally posted by URL2
Vic Hyder @VicHyder @TCMBC @SilentCircle This release addresses two security vulnerabilities currently under embargo until mid-July. We're ahead of it for you.
If this kind of lack of details to fixes for this and other products becomes a new norm, it can also be used to masquerade changes to products that won't always be in the individual consumer's interest.
For products made in the US (or China, or Russia) if the government mandates inclusion of back-doors in code, and further denies vendor free speech to let users know about the back door, then users fall under greater risk to lost security with the addition of a back door, and without a legal method to be informed of the new security risks, greater exposure without opportunity to address risk or try to mitigate newly introduced degraded security.
Obviously, vendors do not need to use an embargo to install a backdoor, as they can roll one with any normal update and disclose information about the update while omitting information about the back door. All the embargo delay does is help make it normal for updates to not specify what changes are being made to their devices... kind of like shrink-wrap licenses, or governments voting on would-be new laws, but not being allowed to see the text of the new legislation.
"Bad Guys" can download old code, and then download new code, and compare differences. The differences will expose what code was changed and provide scope of search to find vulnerabilities based on the changes.
I understand a few reasons for embargo legally, but do not like them. :-/